SDN-based cyber defense: A survey

Yürekten, Özgür
The growth and ubiquity of the Internet have changed the world in numerous ways, one of which is giving rise to the necessity of being vigilant about information security and cyber threats. As threat actors have become more sophisticated and new threats are emerging constantly, meeting information security objectives requires taking advantage of the latest technologies and tools. This paper focuses on a popular technology that can improve the way security is achieved: software-defined networking (SDN). Thanks to its flexibility, cost efficiency, and suitability for incremental deployment, SDN provides a practical means of developing effective security solutions. Through an extensive survey of the literature, we develop a taxonomy for SDN-based solutions to common attack types, identify the security primitives utilized in these studies, and categorize proposals by cyber threat category. Furthermore, we present a quantitative evaluation of the reviewed studies according to threat category, defense type, strategy, techniques, and deployment details. Finally, we discuss various challenges and potential research questions to be investigated in this area.
Future Generation Computer Systems


Static Malware Detection Using Stacked Bi-Directional LSTM
Demirci, Deniz; Acartürk, Cengiz; Department of Cybersecurity (2021-8-19)
The recent proliferation in the use of the Internet and personal computers has made it easier for cybercriminals to expose Internet users to widespread and damaging threats. In order to protect the end users against such threats, a security system must be proactive. It needs to detect malicious files or executables before reaching the end-user. To create an efficient and low-cost malware detection mechanism, in the present study, we propose stacked bidirectional long short-term memory (Stacked BiLSTM) based de...
Cyber threat intelligence sharing technologies and threat sharing model using blockchain
Özdemir, Ahmet; Acar, Aybar Can; Özgit, Attila; Department of Cybersecurity (2021-5-7)
Against the measures taken, the nature of the threats in the cyber environment is evolving day by day. While amateur cyber attacks made by script kiddies were usually experienced beforehand, more sophisticated and targeted attacks are frequently encountered nowadays. Besides that, commonly used signature-based techniques for attack detection and threat information staying within the organization are insufficient for dynamically changing, organized and targeted threats. Furthermore, with the advance of new technolog...
Online DDoS attack detection using Mahalanobis distance and Kernel-based learning algorithm
Cakmakci, Salva Daneshgadeh; Kemmerich, Thomas; Ahmed, Tarem; Baykal, Nazife (Elsevier BV, 2020-10-01)
Distributed denial-of-service (DDoS) attacks are constantly evolving as the computer and networking technologies and attackers' motivations are changing. In recent years, several supervised DDoS detection algorithms have been proposed. However, these algorithms require a priori knowledge of the classes and cannot automatically adapt to frequently changing network traffic trends. This emphasizes the need for the development of new DDoS detection mechanisms that target zero-day and sophisticated DDoS attacks....
Automatic detection of cyber security events from Turkish twitter stream and Turkish newspaper data
Ural, Özgür; Acartürk, Cengiz; Department of Cyber Security (2019)
Cybersecurity experts scan the internet and face security events that influence users, institutions, and governments. An information security analyst regularly examines sources to stay up to date on security events in her/his domain of expertise. This may lead to a heavy workload for the information analysts if they do not have proper tools for security event investigation. For example, an information analyst may want to stay aware of cybersecurity events, such as a DDoS (Distributed Denial of Service) atta...
A Digital Twins Approach to Smart Grid Security Testing and Standardization
Atalay, Manolya; Angın, Pelin (2020-06-01)
The exponential growth of the Internet of Things in recent years has created an ever larger cyber attack surface, introducing new security vulnerabilities for all computerized systems. Among the most significant of those systems are industrial control systems (ICS) consisting of many cyber-physical components, and smart grids are a prominent example of ICS, whose failures have the potential to cause major disruptions in all aspects of our daily lives. In this paper, we provide an overview of smart grid cybersec...
